This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer File: fyFvSaO5qEoOhegKLEKHTwnqOYU.cer (raw, json) Hash identifier: 8TEg2F1yr0tGHSQ6QiZZqm5R6gwbyazScq6wsv09hC8= Subject key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79ECA99CF8313CC42AAF68B3A8C5413D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 14:18:31 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 44103 IP: 45.146.4.0/22 IP: 185.235.144.0/24 IP: 188.64.138.0/24 IP: 2a07:2c00::/29 IP: 2a09:be40::/32 IP: 2a09:bfc0::/29 IP: 2a0d:8d05:: -- 2a0d:8d07:ffff:ffff:ffff:ffff:ffff:ffff IP: 2a0e:fd40::/29 IP: 2a10:84c0::/29 IP: 2a11:1:: -- 2a11:2:ffff:ffff:ffff:ffff:ffff:ffff Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:a9:9c:f8:31:3c:c4:2a:af:68:b3:a8:c5:41:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 14:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f2:1e:42:58:64:4a:ac:5c:eb:ef:81:6c:3e: 64:51:c9:0c:82:b0:0b:a2:89:a7:05:dd:05:a5:95: d7:d7:60:99:23:9f:e5:c1:37:8a:3a:10:e0:6a:e4: 32:ea:ac:57:06:0d:21:20:8c:64:35:98:d8:2f:c5: 3b:55:83:12:6c:6a:3c:74:9c:e8:82:10:c8:8f:d9: d8:70:da:29:14:4d:cf:08:bd:9d:47:5c:be:21:c9: 99:b0:2b:47:c0:cc:b5:5b:a2:12:68:72:67:92:eb: 3c:24:8a:8b:5d:98:b9:b0:8e:ee:0c:df:61:e8:ab: c9:03:e4:4c:c8:f3:5e:68:73:df:e9:54:51:c8:cd: ec:39:33:69:2c:e4:60:63:88:9e:39:68:a2:d7:7d: 66:c2:33:2f:b3:b9:dd:3f:4e:8d:74:7e:49:6c:3b: 74:a8:11:17:eb:32:03:f6:38:8e:c7:49:22:c4:98: 19:a8:7f:be:61:b2:35:b4:05:96:b5:d6:57:fa:3f: 15:24:fb:b2:d7:89:70:b4:8a:57:8d:af:c6:cd:c3: 60:36:12:75:cb:75:39:cb:ed:10:06:15:1d:47:f4: e9:28:3d:e3:4d:f2:ee:53:ae:7c:db:1f:08:65:2c: 65:bd:0e:2a:f6:94:27:ad:87:21:ef:d5:14:98:9e: 77:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.146.4.0/22 185.235.144.0/24 188.64.138.0/24 IPv6: 2a07:2c00::/29 2a09:be40::/32 2a09:bfc0::/29 2a0d:8d05::-2a0d:8d07:ffff:ffff:ffff:ffff:ffff:ffff 2a0e:fd40::/29 2a10:84c0::/29 2a11:1::-2a11:2:ffff:ffff:ffff:ffff:ffff:ffff sbgp-autonomousSysNum: critical Autonomous System Numbers: 44103 Signature Algorithm: sha256WithRSAEncryption 7c:20:8f:5c:71:70:83:f5:47:4e:38:4d:b9:da:99:0c:ab:e6: 62:a1:cf:37:64:e3:b5:7b:97:e9:b1:21:4c:f6:a1:a4:fb:e3: 64:9e:26:d4:8e:c3:86:5c:8e:9a:5a:52:65:66:36:66:f0:50: 14:dc:8f:d9:0b:b3:bc:2c:f1:2b:29:f8:bf:af:38:d0:cc:90: 5e:26:12:30:aa:21:01:be:44:1b:b7:79:54:ba:d2:07:46:51: bd:e5:aa:9a:18:19:84:55:f8:e6:17:c2:e1:17:70:ce:63:81: 3a:2a:74:54:77:29:39:e3:40:1e:3d:f1:4b:0d:93:73:5d:f1: c1:1d:e3:a3:57:cb:41:d3:ec:11:e4:d1:f0:db:4f:c3:1c:11: b0:77:1c:88:cd:47:4a:89:f2:ce:ac:c0:e8:49:9d:7d:af:fd: 26:25:b2:77:5b:23:5e:5c:0a:6a:9b:03:59:df:11:6d:93:9e: ff:4b:74:c8:52:98:09:6f:8b:36:ca:79:6b:14:f6:db:e3:96: 0a:b5:7e:f5:dd:a9:2c:ae:69:54:0b:de:fa:e2:fe:3e:35:e0: c6:c9:03:72:99:a8:f3:b4:00:58:07:95:00:d5:bc:be:6b:e8: 87:81:04:a7:8f:f4:5c:31:11:c3:bd:2c:6d:4b:70:d2:08:a4: 01:b4:a2:60 -----BEGIN CERTIFICATE----- MIIGBzCCBO+gAwIBAgISAZt57Kmc+DE8xCqvaLOoxUE9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTQxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZjIxNmY0OWEzYjlhODRhMGU4NWU4MGEyYzQyODc0ZjA5ZWEzOTg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/IeQlhkSqxc6++BbD5kUckMgrAL oomnBd0FpZXX12CZI5/lwTeKOhDgauQy6qxXBg0hIIxkNZjYL8U7VYMSbGo8dJzo ghDIj9nYcNopFE3PCL2dR1y+IcmZsCtHwMy1W6ISaHJnkus8JIqLXZi5sI7uDN9h 6KvJA+RMyPNeaHPf6VRRyM3sOTNpLORgY4ieOWii131mwjMvs7ndP06NdH5JbDt0 qBEX6zID9jiOx0kixJgZqH++YbI1tAWWtdZX+j8VJPuy14lwtIpXja/GzcNgNhJ1 y3U5y+0QBhUdR/TpKD3jTfLuU6582x8IZSxlvQ4q9pQnrYch79UUmJ53xwIDAQAB o4IDEzCCAw8wHQYDVR0OBBYEFH8hb0mjuahKDoXoCixCh08J6jmFMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJkZmIz MGNhLWUxYzItNDkyMS1iMDU0LWQ0YWYwOTE2NWFmMS8wLzCBiwYIKwYBBQUHMAqG f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRm YjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvN0YyMTZGNDlBM0I5 QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5tZnQwPAYIKwYBBQUHMA2GMGh0 dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjB2BggrBgEFBQcBBwEB/wRnMGUwGAQCAAEwEgME Ai2SBAMEALnrkAMEALxAijBJBAIAAjBDAwUDKgcsAAMFACoJvkADBQMqCb/AMA4D BQAqDY0FAwUDKg2NAAMFAyoO/UADBQMqEITAMA4DBQAqEQABAwUAKhEAAjAaBggr BgEFBQcBCAEB/wQLMAmgBzAFAgMArEcwDQYJKoZIhvcNAQELBQADggEBAHwgj1xx cIP1R044TbnamQyr5mKhzzdk47V7l+mxIUz2oaT742SeJtSOw4ZcjppaUmVmNmbw UBTcj9kLs7ws8Ssp+L+vONDMkF4mEjCqIQG+RBu3eVS60gdGUb3lqpoYGYRV+OYX wuEXcM5jgToqdFR3KTnjQB498UsNk3Nd8cEd46NXy0HT7BHk0fDbT8McEbB3HIjN R0qJ8s6swOhJnX2v/SYlsndbI15cCmqbA1nfEW2Tnv9LdMhSmAlvizbKeWsU9tvj lgq1fvXdqSyuaVQL3vri/j414MbJA3KZqPO0AFgHlQDVvL5r6IeBBKeP9FwxEcO9 LG1LcNIIpAG0omA= -----END CERTIFICATE-----Generated at Fri Jan 2 09:50:42 2026 by rpki-client